CVE-2004-1444

Roundup < 0.6.4 - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Vickenty Fesunov · textremotelinux
https://www.exploit-db.com/exploits/24179

References (7)

Scores

EPSS 0.1653
EPSS Percentile 94.9%

Details

CWE
CWE-22
Status published
Products (34)
pypi/Roundup 0 - 0.7.3PyPI
roundup-tracker/roundup 0.1.0
roundup-tracker/roundup 0.1.1
roundup-tracker/roundup 0.1.2
roundup-tracker/roundup 0.1.3
roundup-tracker/roundup 0.2.0
roundup-tracker/roundup 0.2.1
roundup-tracker/roundup 0.2.2
roundup-tracker/roundup 0.2.3
roundup-tracker/roundup 0.2.4
... and 24 more
Published Dec 31, 2004
Tracked Since Feb 18, 2026